Non-Admin API Keys

RBAC and API Keys

DevOps teams often need to utilize API capabilities, while staying within the organization’s RBAC policies. This is especially true when there are self-service users orchestrating complex deployments.

To that end, we’re releasing new functionality that allows you to generate and maintain role-based access to API keys–providing you the safety of RBAC alongside the convenience of API services.

Now, your team can create limited-permission API keys that can be used to fix things like orphaned environments without you having to provide org-wide admin access. More importantly, this allows you to enforce user-level RBAC permissions via API.

Creating a Limited-Access API Key

Organization admins can create non-admin API keys, which are then assigned to teams and specific projects.

Under “Organization Settings” you’ll see the column “Role”, which states the type of the API key and is interchangeable between admin and user.

During creation of an API key with the “User” role, your Admin will be able to assign the key to specific projects. After creation, the Admin will be able to assign the key for a team.

‍

If you’re looking to utilize the convenience of API Keys while maintaining the security of your current RBAC Policies, env0’s new Non-Admin API Key feature solves just this.

Manage on-prem VMware vSphere with Terraform and env0

You Need Audit Logs for Your Infrastructure as Code, and They’re Easy to Set Up

How to Implement fine-grained Role-Based Access Control for Your Infrastructure as Code with Custom RBAC Roles

Go back to blog

This website uses cookies. We use cookies to ensure that we give you the best experience on our website. Learn More

Preferences Deny Accept